Manage Identities

Identity creation involves assigning a unique set of attributes to a user, including their first and last name, email address, mobile number and relationship details with the organization like location, department, manager, and employee ID. After the identity is established, it is further defined by the assignment of roles, accounts, and entitlements.

Add an Identity

1. Navigate to Identities from the menu and click Add.

   

2. The Add Identity dialog box is displayed.

     

3.  Specify the following details:

   • Username: Enter the username which is a unique attribute.

   • First Name: Enter the first name of an identity.

   • Last Name: Enter the last name of an identity.

   • Email address: Optionally provide an email address.

   • Mobile number: Optionally provide the mobile number.

   • Full name: Enter the full name of an identity.

   • Department: Enter the department name.

   • Check the Assign Manager box. When the user is assigned to a manager, an email and SMS notification is sent to both the user and the assigned manager.

   • Check the Trigger Provisioning across authorized applications. This enables the user to have birthright access to default applications.

4. Click Add. An “ Identity added successfully” confirmation message is displayed.

5. Click Close.

Edit an Identity

Every identity has a unique work environment that the Administrator configures. You can edit identity details and configure additional details using View/Edit.

The orange icon linked to an identity shows a violation of SoD policy.

1.  Select the identity you wish to edit. 

   

2. Click View/edit. The Edit Identity screen appears.

   

3. You can edit an identity from the different tabs and click Save.

   

   Note:

   The Other tab shows how an identity is created manually, through an API or imported through CSV/AD/SoT. 

4. Applications: This tab gives complete application info.

   

5. You also have the option to see the application details within the Account Details section and view the entitlements that an identity has access to within the Entitlements tab.

   

6. Reset Password/MFA: The Admin can select any MFA options to re-register for the Security question and soft token and re-send the welcome email.

7. Click Reset Password/MFA.

   

8. Choose an appropriate option:

   • Password: End user will receive an email with a new password to set a new password.

   • Security Questions/Soft Token: This option can be selected when an end user has registered for MFA.

9. Click Save.

10. A notification will appear to Trigger modification across authorized assets.

    

11. Click Proceed.

Delete an Identity

1. Select an identity you wish to delete.

2. Click Delete. The Delete Identity dialog box is displayed.

3. Select the required option:

   • Delete Identity: Deletes the Identity but maintains an orphan account for the identity.

   • Delete identity and associated application access: Deletes the identity, its access, and all user data. 

4.  Click Delete.

Suspend an Identity

The identity is suspended temporarily and the license will not be revoked. The status of an identity is changed to Inactive post-suspension.

1. Select the identity you wish to suspend.

    

2. Click Suspend.

   

3. Select Suspend associated Accesses? to suspend the connected access of the identity.

4. Click  Suspend.

Restore an Identity

Once an identity is restored, the status will change to Active.

1.  Select the identity you wish to restore.

   

2. Select  Restore.

   

3. Select Restore associated applications? to restore the connected access. 

4.  Click Restore.

Deactivate an Identity

Unlike the suspend option, this option will permanently suspend the user and revoke the license. User status after deactivating will be DEACTIVATED.

1.  Select an identity to deactivate and click Deactivate.

    

2.  A confirmation pop-up appears. Click Deactivate associated Accesses to suspend the access from associated applications. 

3. Click Deactivate and the identity is deactivated.